Report reveals that Google Play hosted more than 200 malicious apps last year
Last year, the Google Play Store hosted more than 200 malicious apps, 38% of which were designed to distribute Joker, malware that enrolls victims in a premium billing service.
Malicious apps end up finding a place in Google’s official store despite the company’s security measures to prevent their publication. Between June 2023 and April 2024, security firm Zscaler identified more than 200 malicious apps that collectively recorded more than 8 million installations.
These malicious apps appear to be legitimate, offering useful services such as a PDF or QR code reader or a photo editor. Specifically, the tools category accounts for 48 percent of these infected apps, compared with customization apps (15 percent) and photography apps (11 percent).
Overall, the most prevalent malware family is Joker (38%), also known as Bread. Discovered in 2017, it is a threat designed to scam through paid SMS messages, in-app purchases, and subscriptions to premium services, without the victim even realizing it until the bill arrives.
Adware follows (35%) as one of the most common types of malware in malicious applications. It operates through fraudulent ads displayed in pop-ups, but also as images or videos.
Facestealer (14%) is the third most detected malware in infected apps. This family specializes in stealing credentials to hijack Facebook users’ accounts, putting victims’ data at risk.
The report highlights that while overall Android threats have declined, two types of malware have increased in prevalence: banking malware and spyware.